Assertion Query/Request Mappers

The Assertion Query/Request profile specifies a means for requesting
existing assertions using a unique identifier. The requester initiates
the profile by sending an assertion request, referenced by an identifier,
to a SAML v2 authority. The SAML v2 authority processes the request,
checks the assertion cache for the identifier, and issues a response
to the requester. An assertion mapper is used by he SAML v2 authority
to process assertion ID requests. The com.sun.identity.saml2.plugins.AssertionIDRequestMapper class is the default implementation for the com.sun.identity.saml2.plugins.AssertionIDRequestMapper SPI. The SPI is used to validate the assertion request
on the server side. The Assertion will be returned to the client only
after the validation passed.

To define a customized mapper, change the value of the assertionIDRequestMapper property in the extended metadata of the provider acting
as SAML v2 attribute authority or authentication authority. To send
a request for an assertion from a provider, use either of the methods
of com.sun.identity.saml2.profile.AssertionIDRequestUtil as
below.